Word of the Week
A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, peer entity authentication service and access control service distributed in a client-server network environment.
Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.
Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.
(cryptographic) hash functions are used to generate a one way “check sum” for a larger text, which is not trivially reversed. The result of this hash function can be used to validate if a larger file has been altered, without having to compare the larger files to each other. Frequently used hash functions are MD5 and SHA1.
The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.
False Rejects are when an authentication system fails to recognize a valid user.
Cryptographic transformation of data (called “plaintext”) into a form (called “cipher text”) that conceals the data’s original meaning to prevent it from being known or used.
A widely-used method of data encryption using a private (secret) key. There are 72,000,000,000,000,000 (72 quadrillion) or more possible encryption keys that can be used. For each given message, the key is chosen at random from among this enormous number of keys. Like other private key cryptographic methods, both the sender and the receiver must know and use the same private key.
Malicious or misleading data from a remote name server is saved [cached] by another name server. Typically used with DNS cache poisoning attacks.
A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.
A mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted to access the resource.
Internet protocol security (IPsec) is a set of protocols that provides security for Internet Protocol.